New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems
It tried to trick victims into clicking on malicious files as part of a fake Amazon job assessment Read More
CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws
Four of the CVEs posted are from 2013, and one is from 2010 Read More
DSA-5231 connman – security update
Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code....
webkit2gtk3-2.38.0-2.fc35
FEDORA-2022-ece798a8d4 Packages in this update: webkit2gtk3-2.38.0-2.fc35 Update description: New media controls UI style. Add new API to set WebView’s Content-Security-Policy for web extensions support. Make...
webkit2gtk3-2.38.0-2.fc36
FEDORA-2022-a77b646471 Packages in this update: webkit2gtk3-2.38.0-2.fc36 Update description: New media controls UI style. Add new API to set WebView’s Content-Security-Policy for web extensions support. Make...
Friday Squid Blogging: Mayfly Squid
This is surprisingly funny. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t...
CVE-2020-25491
6Kare Emakin 5.0.341.0 is affected by Cross Site Scripting (XSS) via the /rpc/membership/setProfile DisplayName field, which is mishandled when rendering the Activity Stream page. Read...
API security—and even visibility—isn’t getting handled by enterprises
A report released this week by OpinionMatters and commissioned by Noname Security found that more than three out of four senior cybersecurity professionals in the...
CVE-2020-36601 (emui, magic_ui)
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot. Read More
CVE-2020-36600 (emui, magic_ui)
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart. Read More